Re: [sfc] Early review draft-ietf-sfc-nsh
Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com> Thu, 21 September 2017 13:26 UTC
Return-Path: <kathleen.moriarty.ietf@gmail.com>
X-Original-To: sfc@ietfa.amsl.com
Delivered-To: sfc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D1A5C134B46 for <sfc@ietfa.amsl.com>; Thu, 21 Sep 2017 06:26:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id himWUYl_fkbv for <sfc@ietfa.amsl.com>; Thu, 21 Sep 2017 06:26:14 -0700 (PDT)
Received: from mail-pf0-x233.google.com (mail-pf0-x233.google.com [IPv6:2607:f8b0:400e:c00::233]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DDC86134AA7 for <sfc@ietf.org>; Thu, 21 Sep 2017 06:26:13 -0700 (PDT)
Received: by mail-pf0-x233.google.com with SMTP id g65so3200224pfe.13 for <sfc@ietf.org>; Thu, 21 Sep 2017 06:26:13 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=LxXvXwB5kfo7KCaU/tU62yzy1UOiQ9Wp9yZm/pHOQn4=; b=EsI8zNnOYaH+eORQhbS1OAsWge+Xbk915foEyMKXlo4A4WiiqjV6/1Kq8ZVh7uSanJ Waa2tXfPG2Hzp64Yce6xrkxd1MP0nMUwy8DeJKjUt7QNu9PAvi6YZw7RAZUjKLDuB9Jy Znz6hL86/CyETqPeeZk4qCHRbxOXMTr5MtJtx8LdJQJHjRBvEYpvFNzwAeq19D8iy+5Z fDAvGzPr3gegoGhkLxsX1wkZ7qFT/reU/6VhiLwyXdc+vhnAx8SLLKr8uHW9RYJ+wjUD YqEg4/81zU+AtzKXU/BQp3pUGJhUAw8Wr0PtUQJIZpfutAx3xb6zUnAjy7auRfJDd3t9 7MPA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=LxXvXwB5kfo7KCaU/tU62yzy1UOiQ9Wp9yZm/pHOQn4=; b=Ns7Rwhf43XoYqrc7iJ+DE5tkkRFgMO+f+1jD88do2su5+rwtvutCzGrQlOMHyPWE0P bhosDclftun/e5en4lSNFeHbw8C7ge58K+XSJ7FB1jXJdbjdSKZ3fduAYtzDqr+U12R9 Toj4rNg5HJtvjFpoVxe/rFXUZlp8JHdi6+p3XW1yxSlgovYhLXx83HpiOMItvh6nXAmA Lo154xmEdXYZnovAt56N785Q7ukvpBhMn5bgW5ncD9WvGa0Su+lPIXOcX1EGMLkJvnIS g4/7OE5gZRI28s7Axs/tls7mtKTIuhJ7FnZlM3ip1slLIn7Ju7IS7I0UQrO/FJKWnUft xIsg==
X-Gm-Message-State: AHPjjUh7V9R2awcohQPpPoTTGW3jVCJnPpV3bqcCKvsopqBk3v0PVxJI I8VzhUMCiGGOBEBO2ND4Cc9duFuZMHFgUPBEVVc=
X-Google-Smtp-Source: AOwi7QCLLM3060sKWCqkWwOMjb5ZOqQ0DQCIdly/7mJmamv8OBF+vlveOW01hzOTzLHNSZ6bgvq1VbRSVoyACpOOPGg=
X-Received: by 10.101.82.9 with SMTP id o9mr5889358pgp.42.1506000373231; Thu, 21 Sep 2017 06:26:13 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.100.144.1 with HTTP; Thu, 21 Sep 2017 06:25:32 -0700 (PDT)
In-Reply-To: <65C0A290-C73E-40A5-B41C-4E0C4181BDAB@cisco.com>
References: <CAHbuEH5Nu4mp+eAAuT-4aGwAkkhYw=8=dd96fFiqgybDykym4A@mail.gmail.com> <B0267CF5-FB30-4EF8-A9BC-A86FB97FAE29@cisco.com> <CAHbuEH6LCwDGg+inEEmG6Yyf290CMrKTWk1kxHhpC4v219agRg@mail.gmail.com> <6971D34B-DC0E-4C3E-B412-3C2F8FAE5704@cisco.com> <CAHbuEH42obn8RZ3gyBTWjZXb9r28Ax2A41GeFd6UvAbVE_ZH=g@mail.gmail.com> <43ED911F-2174-4930-A9BE-1B2A81CD03E9@cisco.com> <CAHbuEH6j9c4tapG-Yb_f9iopFok1KteDUocRjqRkWogDpfrVJg@mail.gmail.com> <BF1BE6D99B52F84AB9B48B7CF6F17DA3F18C03@SJCEML701-CHM.china.huawei.com> <787AE7BB302AE849A7480A190F8B93300A046CB0@OPEXCLILMA3.corporate.adroot.infra.ftgroup> <65C0A290-C73E-40A5-B41C-4E0C4181BDAB@cisco.com>
From: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>
Date: Thu, 21 Sep 2017 09:25:32 -0400
Message-ID: <CAHbuEH6a4eHj3Xzq00fgyC-bMcxKX1Bj81JRiAQs9M8_nDuLYg@mail.gmail.com>
To: "Carlos Pignataro (cpignata)" <cpignata@cisco.com>
Cc: Med Boucadair <mohamed.boucadair@orange.com>, James N Guichard <james.n.guichard@huawei.com>, "Paul Quinn (paulq)" <paulq@cisco.com>, "sfc@ietf.org" <sfc@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/sfc/OjHAJIAhh_VdAGt35y728jh9PgA>
Subject: Re: [sfc] Early review draft-ietf-sfc-nsh
X-BeenThere: sfc@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Network Service Chaining <sfc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sfc>, <mailto:sfc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sfc/>
List-Post: <mailto:sfc@ietf.org>
List-Help: <mailto:sfc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sfc>, <mailto:sfc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 21 Sep 2017 13:26:17 -0000
On Thu, Sep 21, 2017 at 8:47 AM, Carlos Pignataro (cpignata) <cpignata@cisco.com> wrote: > Hi, Med, > > I fully agree with you. However, I did go through the whole document making > sure we were always using “transport encapsulation”. Frankly, I did find a > few places where normalizing and cleaning the terminology helped a lot. I’ll > post those changes before next week (I want to make some updates to the > security considerations as well, and then release). > > I also agree that, in theory, we do not need to re-describe the layering and > all the pieces exist in RFC 7665 and in the NSH spec. I do not mind erring > on the side of extra clarity for the uninitiated reader. > > I will ask you to check out the forthcoming revision -22. Thank you. I think this will be very helpful. Perhaps a reference to the diagram Med pointed out would fit somewhere in the introduction? You don't need to include it again. Having not looked at the update yet, I am not sure if that is necessary. Thanks, Kathleen > > Thanks! > > — > Carlos Pignataro, carlos@cisco.com > > “Sometimes I use big words that I do not fully understand, to make myself > sound more photosynthesis." > > On Sep 21, 2017, at 3:05 AM, mohamed.boucadair@orange.com wrote: > > Jim, all, > > I do understand the confusion that is induced by "transport" in the NSH > document. Using another term would fix this, sure. > > But, we need to keep in mind that NSH spec is referring to RFC7665 which > uses "transport" extensively. IMHO, the following figure from RFC7665 is > very helpful to understand the SFC layering, including the notion of > outer-transport encapsulation. > > +----------------+ +----------------+ > | SFC-aware | | SFC-unaware | > |Service Function| |Service Function| > +-------+--------+ +-------+--------+ > | | > SFC Encapsulation No SFC Encapsulation > | SFC | > +---------+ +----------------+ Encapsulation +---------+ > |SFC-Aware|-----------------+ \ +------------|SFC Proxy| > | SF | ... ----------+ \ \ / +---------+ > +---------+ \ \ \ / > +-------+--------+ > | SF Forwarder | > | (SFF) | > +-------+--------+ > | > SFC Encapsulation > | > ... SFC-enabled Domain ... > | > Network Overlay Transport > | > _,....._ > ,-' `-. > / `. > | Network | > `. / > `.__ __,-' > `'''' > > Ideally, we don't even need to re-describe the layering in the NSH spec > given that the draft delimits its scope clearly: > > The NSH is the SFC encapsulation required to support > ^^^^^^^^^^^^^^^^^^^^^^^^ > the Service Function Chaining (SFC) architecture (defined in > RFC7665). > > Cheers, > Med > > -----Message d'origine----- > De : sfc [mailto:sfc-bounces@ietf.org] De la part de James N Guichard > Envoyé : mercredi 20 septembre 2017 18:38 > À : Kathleen Moriarty; Carlos Pignataro (cpignata) > Cc : Paul Quinn (paulq); sfc@ietf.org > Objet : Re: [sfc] Early review draft-ietf-sfc-nsh > > Hi Kathleen, > > I am not quite clear as to exactly what is confusing with the existing > text (-21 version). Quoting from section 1: > > The Network Service Header (NSH) specification defines a new protocol > and associated encapsulation for the creation of dynamic service > chains, operating at the service plane. The NSH is designed to > encapsulate an original packet or frame, and in turn be encapsulated > by an outer transport (which is used to deliver the NSH to NSH-aware > network elements), as shown in Figure 1: > > +------------------------------+ > | Transport Encapsulation | > +------------------------------+ > | Network Service Header (NSH) | > +------------------------------+ > | Original Packet / Frame | > +------------------------------+ > > Figure 1: Network Service Header Encapsulation > > This states that the NSH is designed to encapsulate the original > packet/frame (read IP packet or Ethernet frame) and then in turn be > carried by an outer transport. The figure clearly shows that the outer > transport in this context is "Transport Encapsulation". The draft then > goes on to describe what NSH is and then in section 4 more detail is > provided on the transport encapsulation. Now reading section 4 it starts > by saying: > > Once the NSH is added to a packet, an outer encapsulation is used to > forward the original packet and the associated metadata to the start > of a service chain. > > Is the confusion caused by section 1 & 4 text saying "outer encapsulation" > or "outer transport" rather than "Transport Encapsulation" ? If so that is > easily fixed :-) > > Thanks! > > Jim > > -----Original Message----- > From: sfc [mailto:sfc-bounces@ietf.org] On Behalf Of Kathleen Moriarty > Sent: Wednesday, September 20, 2017 12:22 PM > To: Carlos Pignataro (cpignata) <cpignata@cisco.com> > Cc: Paul Quinn (paulq) <paulq@cisco.com>; sfc@ietf.org > Subject: Re: [sfc] Early review draft-ietf-sfc-nsh > > Hi Carlos, > > Please look at the text in the current document. It only says transport > in the text I quoted. The diagram also only says transport. > Drafts need to be clearly written to be broadly understood and the way the > text is now, it is not. I think cleaning it up a bit will lift some of > the security concerns as some are addressed prior to NSH seeing the IP > packet or frame. > > Your response helps, but please take the time to look through the document > to see how it can be clarified so one does not have the questions I and > others have raised. > > Thank you, > Kathleen > > On Wed, Sep 20, 2017 at 11:59 AM, Carlos Pignataro (cpignata) > <cpignata@cisco.com> wrote: > > Hi, Kathleen, > > Thank you for asking explicitly. This document used to have explicit > > “NSH Encapsulation Examples”, but were taken out (at the AD’s request) > based on the argument that “everyone would like to have their > encapsulation”. We can always bring them back if desired, even within a > non-normative appendix. > > > As I follow your questions, I will try my best to answer and clarify. > > I am not sure which “bunny trail” took the conversation here, but > > perhaps a couple of top-post clarifications might help: > > > 1. “Original Packet/Frame” -> the terminology Packet/Frame, as commonly > > used, denotes an IP packet or an Ethernet frame. > > 2. The outer "Transport Encapsulation” does *not* mean TCP. It uses the > > word “Transport” as transport profile, an encapsulation that transports, > not as TCP. GRE is one example of a transport encapsulation, not TCP as a > “L4 Transport Layer protocol”. > > > In point #2, GRE is the Transport that NSH uses between SFFs/SFs. And > > further, since NSH is Transport Encapsulation agnostic, we are talking > about potentially a broad set of protocols… I’d encourage us to not > attempt to classify them in OSI Layers. > > > I can see that some of this might not be totally clear if scanning > > through the document, but it is clear for an implementor. > > > See Table 1 and Table 3 for examples (Transport column) > > I hope this helps set clarifying context, see inline for more specific > > details... > > > On Sep 20, 2017, at 11:21 AM, Kathleen Moriarty > > <Kathleen.Moriarty.ietf@gmail.com> wrote: > > > Hi Carlos, > > It's a start, but should be more specific. > > > The specifics are in the document, even examples as per Tables 1 and 3. > > What are the original > packets/frame - is this link layer or network or both? > > > These are the packets or frames incoming into a classifier, original, > > then NSH is imposed, then a transport encapsulation is imposed. > > > It seems like > both from the diagram, but is that really the case? > > > Yes, it is both. Really the case. > > > Then for the transport encapsulation, is this layer 3 or 4? > > > I believe it is a source of headache and confusion to think about OSI > > layers… what layer is IP-in-IP? And an MPLS Pseudowire transporting > Ethernet? Or an IPv6/L2TPv3 pseudowire transporting TDM? > > > > The wording that precedes this is a bit confusing (here for reference): > > The Network Service Header (NSH) specification defines a new protocol > and associated encapsulation for the creation of dynamic service > chains, operating at the service plane. The NSH is designed to > encapsulate an original packet or frame, and in turn be encapsulated > by an outer transport (which is used to deliver the NSH to NSH-aware > network elements), as shown in Figure 1: > > > Does the explanation above help? I am not sure how to best answer… > > because I do not find it confusing. This text is the result of reviewers > asking for clarity, and then acknowledging that the paragraph above > brought that clarity. > > > > Normally, the higher layers are encapsulated, > > > What is higher and lower? And for what definition of “Normally”? What’s > > a Tunnel? > > > but this wording > describes just the opposite. It says the packet/frame at layer 2/3 > (just going from the normal uses of packet and frame to assume layer > 3/2). > > > Correct. IP packet, Ethernet Frame. > > NHS encapsulates that, and then is encapsulated by a transport layer > 3/4? > > > No. > > Where does it say “Transport Layer”? > > Note that “Network Transport”, and “Transport Encapsulation” are terms > > coming from RFC 7665. > > > And to be clear: many RFCs use “Transport Encapsulation” or a > variation of that (Encapsulation for Transport, Transport-independent > Encapsulation, etc.) > > See Table 1 and Table 3, Transport column, for examples. > > > If you can clarify this text or make it clear that you really > intended to do this odd encapsulation, that would help a lot. > > > Hopefully my explanation helps. > > Understanding the layers this all happens at is very important. If > NSH is the trigger for the layer 3/4 transport, how can security be > applied? Or is it addressed by a prior 3/4 encapsulation by the > original packet/frame? > > Thanks, > Kathleen > > > > — > Carlos Pignataro, carlos@cisco.com > > > > On Tue, Sep 19, 2017 at 4:53 PM, Carlos Pignataro (cpignata) > <cpignata@cisco.com> wrote: > > Hi, Kathleen, > > Thanks for the clarification. > > Regarding: > > is that the layering needs to be specifically stated to clearly > > > Like this? > https://tools.ietf.org/html/draft-ietf-sfc-nsh-21#section-1 > > +------------------------------+ > | Transport Encapsulation | > +------------------------------+ > | Network Service Header (NSH) | > +------------------------------+ > | Original Packet / Frame | > +------------------------------+ > > Figure 1: Network Service Header Encapsulation > > I think if you laid this out > nicely and clearly showed where transport security is addressed at > another layer (out-of-scope), it would go a long way. > > > Hopefully the above (existing) figure and text is clear. In that case: > > One idea is to categorize the paragraphs in the Security > > Considerations to > > make those relations more clear. > > — > Carlos Pignataro. > > > On Sep 19, 2017, at 3:38 PM, Kathleen Moriarty > <Kathleen.Moriarty.ietf@gmail.com> wrote: > > Thanks for the responses. I'm going to top post as I thin the main > point of my review is that the layering needs to be specifically > stated to clearly scope the problem space for NSH security > considerations. The draft as-written is not clear and as a result, > security reviews are very difficult. I think if you laid this out > nicely and clearly showed where transport security is addressed at > another layer (out-of-scope), it would go a long way. Although the > draft improved a bit from the previous version, I think a careful > review and edit pass would do a lot of good, specifically around > clarity of the problem space and solution. The questions I asked were > a result of lack of clarity in the draft. > > Thanks, > Kathleen > > On Tue, Sep 19, 2017 at 3:22 PM, Paul Quinn (paulq) <paulq@cisco.com> > > wrote: > > > Hi, > > Thank you for the review. Please see some comments inline below. > > Paul > > On Sep 18, 2017, at 4:15 PM, Kathleen Moriarty > <kathleen.moriarty.ietf@gmail.com> wrote: > > Hello, > > At Alia's request, I did an early review of draft-ietf-sfc-nsh. Here > are some initial comments and I may have more when the draft is > revised and is in for IESG review. I appreciate your efforts > addressing the comments received to date. I hope you find these > suggestions as helpful improvements to the document and clarity of NSH > security concerns. > > > Section 1 - > > The intended scope in the introduction should also include mention of > multi-tenancy. This changes the security requirements and is very > important to note. > > Section 1.4 - > > 5. Transport Agnostic: The NSH is encapsulation-independent, meaning > it can be transported by a variety of protocols. An appropriate > (for a given deployment) encapsulation protocol can be used to > carry NSH-encapsulated traffic. This transport may form an > overlay network and if an existing overlay topology provides the > required service path connectivity, that existing overlay may be > used. > > Is there a preferred transport so you could specify a recommended > transport security protocol? > > > PQ> There is not. In fact at the AD’s request sample transports were > removed to ensure that there was no implied preference. Therefore, an > operator can select their preferred transports, including — as per the > security considerations section — ones that provide encryption. > > > Section 2, 3rd sentence: > Subsequently, an > outer encapsulation is imposed on the NSH, which is used for network > forwarding. > > Knowing more about this would help to understand options or if there > is another draft that addresses this outer encapsulation that is > imposed and the transport security requirements that go along with it. > > > PQ> Since NSH defines no preferred transport(s), the security of the > selected transport is left to the transport standard. So, for > > example, if > > an operator elects to use the NVO3 defined protocol, then the operator > > has > > explicitly selected that overlay. > > > Transport may be hop to hop, and there might not be encryption of this > header if the application uses an encrypted transport encapsulated in > this layer. In any case, it seems integrity protection is a > requirement for a multi-tenant environment. Could the COSE MAC > function fit the bill since it is intended for concise formats? > https://datatracker.ietf.org/doc/rfc8152 > JOSE produced a similar function with JSON, but it would be slightly > > larger. > > > Section 7.1: > > The following paragraph implies that anything less than a 5-tuple > isn’t useful and that you intend to use traffic content when > available. This is concerning. Can’t you use a 2-tuple? What if > IPsec transport mode were in use, is this solution dead in the water? > > Regardless of the source, metadata reflects the "result" of > classification. The granularity of classification may vary. For > example, a network switch, acting as a classifier, might only be able > to classify based on a 5-tuple, while a service function may be able > to inspect application information. Regardless of granularity, the > classification information can be represented in the NSH. > > If a 2-tuple is possible, could you add that in as an example instead > of or in addition to the 5-tuple? > > > PQ> The 5-tuple was used only as an example that is commonly > > understood in > > the context of network device classification. The sentence: "The > granularity of classification may vary.” addresses 2, 3, 4, n-tuple > classification. Further, that point is reinforced: “Regardless of > granularity, the classification information can be represented in the > > NSH." > > > > > > Section 7.1 > > This text comes too late in the draft and I recommend making a clear > statement in the introduction that session encryption to protect the > data in transit relies on the application/service sending/receiving > the data and not the SFC. I made this point previously and am glad to > see some text, but think it would be much better to state this early > in the draft. Touching upon protections for data streams versus meta > data would both be important (layers for traffic and associated > protections). If it’s meta data, do they need to rely on IPsec and > having a 2-tuple be the minimum? When is that applied? Is there meta > data that could be sensitive if TLS was in place and a 5-tuple is > visible (perhaps the existence of communication is sensitive). Are > there other considerations for metadata and data that need to be > stated up front and put out-of-scope for SFC? I’m asking these > questions as providing these answers could show that the risk is > constrained. > > Depending on the information carried in the metadata, data privacy > considerations may need to be considered. For example, if the > metadata conveys tenant information, that information may need to be > authenticated and/or encrypted between the originator and the > intended recipients (which may include intended SFs only). The NSH > itself does not provide privacy functions, rather it relies on the > transport/overlay layer. An operator can select the appropriate > transport to ensure confidentiality (and other security) > considerations are met. Metadata privacy and security considerations > are a matter for the documents that define metadata format. > > > > PQ> Are you suggesting that application layer confidentially be > > addressed > > in this draft? NSH “plays nicely” with standard encryption > > transports, > > therefore allowing operators to “secure” the path. Going up the stack > > from > > that seems to be outside the scope of NSH and inconsistent with other > protocol requirements. > > > Other comments: > > I’d like to see; > https://tools.ietf.org/html/draft-mglt-sfc-security-environment-req-02 > Published before this document and then have that as a reference. One > of the comments I made previously was to list out the layering and > protections expected on data and NSH. This has been done in the > security environment draft, section 4 should be referenced: > > Section 4 provides an overall description of the SFC environment with > the introduction of the different planes (SFC Control Plane, the SFC > Management Plane, the Tenant's user Plane and the SFC Data Plane). > > > > PQ> As I mentioned on another thread: a secure environment draft is > > not > > related to NSH per se. > > > > > This is a very important point for anyone reviewing for security as > are the environment security requirements. The security environment > requirements draft still needs a little more work from a quick read, > but helps a lot. I need to finish reading the security environment > draft. > > -- > > Best regards, > Kathleen > > _______________________________________________ > sfc mailing list > sfc@ietf.org > https://www.ietf.org/mailman/listinfo/sfc > > > > > > -- > > Best regards, > Kathleen > > _______________________________________________ > sfc mailing list > sfc@ietf.org > https://www.ietf.org/mailman/listinfo/sfc > > > > > > -- > > Best regards, > Kathleen > > > > > > -- > > Best regards, > Kathleen > > _______________________________________________ > sfc mailing list > sfc@ietf.org > https://www.ietf.org/mailman/listinfo/sfc > _______________________________________________ > sfc mailing list > sfc@ietf.org > https://www.ietf.org/mailman/listinfo/sfc > > -- Best regards, Kathleen
- [sfc] Early review draft-ietf-sfc-nsh Kathleen Moriarty
- Re: [sfc] Early review draft-ietf-sfc-nsh Joel M. Halpern
- Re: [sfc] Early review draft-ietf-sfc-nsh Carlos Pignataro (cpignata)
- Re: [sfc] Early review draft-ietf-sfc-nsh Thomas Nadeau
- Re: [sfc] Early review draft-ietf-sfc-nsh Paul Quinn (paulq)
- Re: [sfc] Early review draft-ietf-sfc-nsh Kathleen Moriarty
- Re: [sfc] Early review draft-ietf-sfc-nsh Carlos Pignataro (cpignata)
- Re: [sfc] Early review draft-ietf-sfc-nsh Kathleen Moriarty
- Re: [sfc] Early review draft-ietf-sfc-nsh Carlos Pignataro (cpignata)
- Re: [sfc] Early review draft-ietf-sfc-nsh Kathleen Moriarty
- Re: [sfc] Early review draft-ietf-sfc-nsh Carlos Pignataro (cpignata)
- Re: [sfc] Early review draft-ietf-sfc-nsh James N Guichard
- Re: [sfc] Early review draft-ietf-sfc-nsh Kathleen Moriarty
- Re: [sfc] Early review draft-ietf-sfc-nsh mohamed.boucadair
- Re: [sfc] Early review draft-ietf-sfc-nsh Carlos Pignataro (cpignata)
- Re: [sfc] Early review draft-ietf-sfc-nsh Kathleen Moriarty